[go: up one dir, main page]

GB2462160A - A distributed server system includes a table indicating communication relationships between various service programs - Google Patents

A distributed server system includes a table indicating communication relationships between various service programs Download PDF

Info

Publication number
GB2462160A
GB2462160A GB0909312A GB0909312A GB2462160A GB 2462160 A GB2462160 A GB 2462160A GB 0909312 A GB0909312 A GB 0909312A GB 0909312 A GB0909312 A GB 0909312A GB 2462160 A GB2462160 A GB 2462160A
Authority
GB
United Kingdom
Prior art keywords
server
operating system
connection
service
started
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0909312A
Other versions
GB0909312D0 (en
Inventor
Yuji Imai
Andreas Savva
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Publication of GB0909312D0 publication Critical patent/GB0909312D0/en
Publication of GB2462160A publication Critical patent/GB2462160A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • H04L29/08144

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention concerns a system comprising an administrative manager (10, Fig. 1) and a plurality of servers (20, Fig. 1), each including a virtual machine environment in which a host operating system (OS) (30, Fig. 11) and a guest OS (40, Fig. 11) are operable as virtual OSs. The administrative manager includes a first table 10F which indicates communication relationships between various service programs, in particular whether or not VPN connections are available between the service programs, according to service program type (A, B or C); in Fig. 5, "0" indicates a connection is available and "X" indicates a connections is unavailable. The administrative manager also includes a second table (10G) which indicates which servers run each of the aforementioned service programs. When a guest OS is started up in its server, the tables are referred to (S2, S3, Fig. 10) to identify the connection target server for performing communications with the server in which the guest OS is started up, based on the guest OS service program type. Connection information (S7-S10, Fig. 10) is then set in the host OSs of the servers to be involved in a communication. This simplifies the setting-up procedure.

Description

V
NETWORK SETTING METHOD AND APPARATUS
FIELD
[0001] The invention is concerned with a technology for performing network setting on servers each of which is applied with a virtualization technology, for the purpose of performing communications among the servers.
BACKGROUND
[0002] In recent years, demands for implementing outsourcing of information processing systems of service enterprises and the like are increased, and the market thereof is expanded. A data center collectively undertaking such outsourcing includes a server node pool configured by a plurality of servers. Then, service programs for processing customers' services of which outsourcings are consigned are discretely allocated to the plurality of servers configuring the server node pool, according to functions thereof, and also, these servers are physically network-connected.
[0003] In the server node pool described above, in order to separately administrate the services of the plurality of customers, a technology for setting a virtual machine environment in each server is generalized. To be specific, in each server, as a virtual operating system (hereunder, "operating system" is to be referred to as an OS (operating system), i.e., virtual OS, and the same rule will be applied to other operating systems), a host OS being a basis in the virtual machine environment is operated, and also, a guest OS as an environment for executing the service program is operated. Thus, even in the case where the service programs for the plurality of customers are processed on the same server, it is possible to avoid that data processed by the service programs for the customers are mixed among the customers.
[0004] Further, in such a server node pool, since the physical network among the servers is shared by the plurality of customers, in order to avoid information leakage among the customers, unauthorized access and the like, a method described below is further adopted. Namely, the physical network among the servers is sectioned in L2 (Layer-2) sections using a VLAN (Virtual Local Area Network) technology or is sectioned using a VPN (Virtual Private Network) technology to thereby virtually divide the physical network, so that a virtual intranet is set up for each customer.
[0005] Here, in operations of such a system, it is naturally assumed that, in accordance with changes in áustomers' services, a burden is concentrated onto a specific service program. In such a case, a guest operating system is newly started up in the server which has not executed the specific service program until now, to thereby make the server to execute this specific service program. Then, this server executing the specific service program is newly and virtually network-connected to another server executing the service program in cooperative with the specific service program, so that data is transmitted and received between these servers. Thus, the burden balancing is provided, and consequently, it is possible to avoid troubles that may arise (refer to Japanese National Publication of International Patent Application No. 2004-503011).
[0006] However, in the case where the guest OS is newly started up to be virtually connected to another server, the burden on the network setting work is considerable. This is because a function of newly starting up the guest OS in the server is not cooperative with a function of setting the virtual network connection for the newly started guest OS. Therefore, it is necessary to perform individually and manually the setting of the virtual network connection. Further, since the cooperative service program depends on the function of the service program executed in each of the newly started guest OS, it is difficult to grasp the cooperative service program. Furthermore, even if it is possible to grasp the cooperative service program, it is further difficult to specify what guest OS in what server among an enormous number of servers executes this cooperative service program. Still further, the number of servers configuring the server node pool is enormous, and a network configuration of the server node pool is complicated, and also, the servers configuring the server node pool is divided by the virtual network, and thus, it is also necessary to perform switch setting, tunneling setting and the like. Therefore, it is considerably complicated and difficult to perform the network connection setting of the servers when the guest OS is newly started up.
Moreover, since the burden on the setting work is large, mistakes during the setting
SUMMARY
[0007] In view of the above conventional problems, it is desirable to perform the network setting automatically when the guest OS is newly started up, thereby reducing the burden on the setting work.
[0008] The invention is defined in the claims. In embodiments, a computer, connected to a plurality of servers each including a virtual machine environment in which a host OS and a guest OS are operable as virtual OS, executes the following processes. When the guest OS is started up in a server, the computer refers to a table in which whether or not transmission and reception of data among service programs is necessary, is set and a table in which the servers executing the service programs are set. Then, the computer determines a connection target server which is to perform communications with the server in which the guest OS is newly started up, according to the service program to be executed by the newly started guest OS. Further, the computer acquires connection information necessary for performing virtual network communications between the server in which the guest OS is newly started up and the connection target server.
Furthermore, the computer sets the acquired connection information to the host OS that operates in the server in which the guest OS is newly started up and to the host OS that operates in the connection target server.
[0009] Advantageous features can be seen in the dependent claims.
[0010] For a better understanding of the invention, embodiments of it will now be described, by way of example, with reference to the accompanying drawings, in which: FIG. 1 is an entire configuration view of a system providing a network setting mechanism; FIG. 2 is an explanatory view of a server configuration and a structure of data transfer between two servers; FIG. 3A is an explanatory view of a setting table of a routing section; FIG. 3B is an explanatory view of a setting table of a tunneling section; FIG. 4 is a configuration view of an administrative manager; S.' FIG 5 is an explanatory view of a connecting course table; FIG 6 is an explanatory view of a service administration table; FIG 7 is an explanatory view of a physical IP address table; FIG 8 is an explanatory view of an interface administration table; FIG. 9 is an explanatory view of a VPN connection example among servers; FIG 10 is a flowchart of a network setting process by the administrative manager; FIG 11 is an explanatory view of a server configuration before processing network setting, in a specific example of the network setting process; FIG. 12A is an explanatory view of the connecting course table before processing the network setting, in the specific example of the network setting process; FIG 12B is an explanatory view of the physical IP address table before processing the network setting, in the specific example of the network setting process; FIG 12C is an explanatory view of the service administration table before processing the network setting, in the specific example of the network setting process; FIG. 12D is an explanatory view of the interface administration table before processing the network setting, in the specific example of the network setting process; FIG. I 3A is an explanatory view of the setting table of the routing section in the server a before processing the network setting, in the specific example of the network setting process; FIG 13B is an explanatory view of the setting table of the tunneling section in the server a before processing the network setting, in the specific example of the network setting process; FIG. 14A is an explanatory view of the setting table of the routing section in the server y before processing the network setting, in the specific example of the network setting process; FIG. 14B is an explanatory view of the setting table of the tunneling section in the server y before processing the network setting, in the specific example of the network setting process; FIG. 15 is an explanatory view of the server configuration after processing the network setting, in the specific example of the network setting process; FIG. 16A is an explanatory view of the setting table of the tunneling section in the server a after processing the network setting, in the specific example of the network setting process; FIG 16B is an explanatory view of the setting table of the routing section in the server a after processing the network setting, in the specific example of the network setting process; FIG. 17A is an explanatory view of the setting table of the tunneling section in the server T after processing the network setting, in the specific example of the network setting process; FIG. 1 7B is an explanatory view of the setting table of the routing section in the server y after processing the network setting, in the specific example of the network setting process; FIG 18A is an explanatory view of the service administration table after processing the network setting, in the specific example of the network setting process; and FIG. 1 8B is an explanatory view of the interface administration table after processing the network setting, in the specific example of the network setting process.
DESCRIPTION OF EMBODIMENT
[0011] FIG. 1 illustrates an entire configuration of a system providing a network setting mechanism. This system is the one set up in a server node pool installed in a data center that collectively administrates plural customers' services, and in this system, an administrative manager 10 and a plurality of servers 20 processing the customers' services are network-connected. The administrative manager 10 administrates the entirety of servers 20 in lump, and also, performs various types of setting on the servers 20 by remote controls. Further the administrative manager and the servers 20 are all configured by computers each provided with at least a CPU (Central Processing Unit) and a memory.
[0012] In the plurality of servers 20 configuring the server node pool, service programs for processing the services of plural customers who consigned outsourcing to the data center are arranged. Further, each server 20 is provided with a virtual machine environment capable of operating a virtual OS. Furthermore, the servers 20 establish the VPN connection to one another in P2P (Peer to Peer) using a virtual (private) network (VPN: Virtual Private Network), and the system is divided for each customer to thereby set up a virtual intranet. Incidentally, the above virtual intranet divided for each customer is connected to own system of individual customer.
[0013] Next, referring FIG. 2, there will be described a configuration of each server provided with the virtual machine environment and a structure of the VPN connection among the servers 20.
In the server 20, the virtual machine environment is set up, and a host OS and a guest OS 40 operate as virtual OS. The host OS 30 and the guest OS 40 are controlled on a hypervisor functioning as an OS control program.
[0014] Further, the server 20 is provided with a physical NIC (Network Interface Card) 50 for performing communications with other computers. Then, the server is allocated with a physical IP address which is uniquely identified in the server node pool. Furthermore, each of the host OS 30 and the guest OS 40 operating in the server 20 is provided with virtual NIC 60, and communications between the host OS 30 and the guest OS 40 in the same server are performed using this virtual NIC 60. Then, the guest OS 40 operating in the server is allocated with a customer IP address as a virtual lP address which is a unique address different from the physical IP address.
[0015] Further, the host OS 30 includes an element described below. Namely, the host OS 30 includes a routing section 30A that, when transmission data is received from the guest OS 40, specifies tunnel information for transmitting the transmission data via the VPN connection. As illustrated in FIG. 3A, the routing section 30A is provided with a routing setting table in which the customer IP addresses of the transmission targets and the tunnel information to be used for the VPN connection to the transmission target are set,. Then, the routing section 30A refers to the routing setting table and specifies a tunnel to be used for VPN communications based on the customer lP address attached to the transmission data. Further, the host OS includes a tunneling section 30B that attaches the physical lP address of the transmission target to the transmission data and also encapsulates the transmission data to thereby perform tunneling. As illustrated in FIG. 3B, the tunneling section 30B is provided with a tunneling setting table in which the tunnel information and the physical IP addresses being the transmission targets of the tunnels are set. Then, the tunneling section 3GB specifies the physical IP address of the transmission target from the tunnel information, based on the tunneling setting table. Further, the host OS 30 includes an encrypting section 30C that encrypts the transmission data. Incidentally, when data is received from the other server 20, in the host OS 30, the received data is decrypted in the encrypting section 30C and encapsulation thereof is released in the tunneling section 30B, and also, the received data is transmitted to the guest OS 40 of the customer IP address attached to the received data.
[00161 On the other hand, the guest OS 40 includes a customer's service processing section 40A that executes the service program. Incidentally, in an example of FIG. 2, only one guest OS operates, but a plurality of guests OS can operate.
Here, referring the example of FIG. 2, there will be described a process of data transmission from the service program executed in the customer's service processing section 40A in the guest OS 40 of a server a to the service program executed in the customer's service processing section 40A in the guest OS 40 of a server y. Firstly, the data is transmitted from the service program executed in the customer's service processing section 40A of the server a to the customer lP address (192.167.0.3) of the guest OS 40 of the server, which is the transmission target. This data is transmitted to the host OS 30 via the virtual NIC 60 (ethO) of the guest OS 40 and the virtual NIC 60 (vim) of the host OS 30. Then, in the host OS 30, the routing setting table is referred to in the routing section 30A, to thereby acquire the tunnel information corresponding to the customer IP address of the transmission target. Further, in the host OS 30, the tunneling setting table is referred to in the tunneling section 30B, to thereby acquire the physical IP address (10.0.0.3) of the transmission target server corresponding to the tunnel information.
Then, this physical IP address is attached to the transmission data, and thereafter, the transmission data is encapsulated and tunneled. Further, in the encrypting section 30C, the encapsulated transmission data is further encrypted by applying IPsec or the like. As a result, it becomes possible to establish the VPN connection to the server y. Then, the transmission data is transmitted from the virtual NIC 60 (ethO) of the host OS 30 to the server y via the physical NIC 50 (ethO) of the server a.
On the other hand, in the host OS 30 of the server y that received the transmission data, the reception data is transmitted to the guest OS 40 being the transmission target in which the service program is executed, based on the customer IP address attached to the reception data.
[0017] By adopting the configuration described above, in the case where the data transmission and reception is performed between the own server 20 and the other server 20 in the service program, in the guest OS 40, only the customer IP address of the transmission target may be set to the transmission data, and the setting of the physical IP address and the VPN connection is performed by the host OS 30.
Therefore, when the customer accesses the server to execute the service program and communicate with the other server, it becomes possible to perform such communications without the necessity of directly controlling the host OS 30.
Accordingly, it becomes possible to perform the communications with the other server without providing a control authorization of the host OS 30 to the customer, and consequently, it is possible to prevent troubles, such as erroneous alteration of the environment setting of the host OS 30 by the customer.
[0018] Next, there will be described the administrative manager 10 that administrates the entirety of servers 20 described above.
FIG 4 is a configuration view of the administrative manager 10. The administrative manager 10 includes: a service starting command receiving section bA; a guest OS starting section lOB; a connection target determining section bC; a connection information acquiring section 1OD; a network setting section IOE; a connecting course table bE; a service administration table lOG; a physical IP address table 1OH; and an interface administration table 101.
[00191 The service starting command receiving section (unit) bOA is connected to an input device which can be operated by an operatOr. Then, the service starting command receiving section bOA receives a service starting command for newly starting up the guest OS 40 to execute the service program. In this service starting command, a starting objective server of which guest OS 40 is to be newly started up and the service program to be executed are designated.
[0020] The guest OS starting section 1 OB newly starts up the guest OS 40 of the server 20 in which the host OS 30 operates on the hypervisor and the guest OS 40 is operable, and also, makes the service program to be executable.
[0021] The connection target determining section bC determines a connection target server which establishes the VPN connection to the starting objective server in which the guest OS 40 is started up.
[0022] The connection information acquiring section 1OD acquires connection information necessary for establishing the VPN connection between the starting objective server and the connection target server.
[0023] The network selling section 1 OE is network-connected to each of the servers 20, to set the connection information to the host OS 30 of the starting objective server and the host OS 30 of the connection target server.
[0024] The connecting course table IOF indicates whether or not VPN connection among the service programs is available, according to service program types based on functions of the service programs, and as illustrated in FIG 5, in the connecting course table I OF, it is registered whether or not the connection among the service program types is available. In the example of FIG.5, respective A, B and C indicate the service program types, and "0" indicates that the connection is available and "X" indicates that the connection is not available. Thus, according to the connecting course table IOF, it is possible to set both whether or not the connection among the service programs of same type is available and whether or not the connection among the service programs of different types is available.
[0025] The service administration table lOG indicates for each of service program types, the servers 20 in which the service programs of respective service program types are executed. As illustrated in FIG. 6, in the service administration table 1OG the service program types, the customer IP addresses of the guests OS 40 executing the service programs of the service program types, and the server names are registered.
[0026] The physical IP address table IOH indicates the physical IP addresses of the servers 20, and as illustrated in FIG 7, in the physical IP address table IOH, the servers and the physical IP addresses of the servers is registered.
The interface administration table 101 indicates the tunnels to be used for -10 -the VPN connection among the servers 20, and as illustrated in FIG 8, includes the transmission source servers and the transmission target servers, and also, the tunnel information.
[0027] Here, there will be described how the VPN connection is established among the servers 20, based on whether or not the VPN connection according to the service program types registered in the above connecting course table 1 OF is available. FIG. 9 illustrates an example of the VPN connection among the servers in the data example of the connecting course table IOF in FIG 5. In this example, the server a and server each executes the service program of service program type A, the server y, server and server c each executes the service program of service program type B, and the server and server 1 each executes the service program of service program type C. Further, arrows in solid lines indicate that the VPN connection is established among the servers 20. Then, in the connecting course table 1 OF of FIG 5, the connection between the service programs of service program type A and the connection between the service programs of service program types A and C are not available (X), whereas the connection between the service programs of service program types A and 8, the connection between the service programs of service program types B and the connection between the service programs of service program types B a'nd C are available (0).
Therefore, as illustrated in FIG 9, the server a and server 3 each executing the service programs of service program type A are each connected to the server, server S and server c each executing the service programs of service program type B. On the other hand, the server a and server each executing the service program of service program type A are not connected to the server and server 1 each executing the service program of service program type C. Further, the server y, server S and server E each executing the service program of service program type B are mutually connected. Furthermore, the server y, server S and server E each executing the service program of service program type B are each connected to the server and server 1 each executing the service programs of service program type C. [0028] FIG 10 illustrates a network setting process executed in the service starting command receiving section bA, guest OS starting section lOB, connection target determining section lOG, connection information acquiring section IOD and network setting section 1OE of the administrative manager 10. This process is executed -:i.i -
SL
when the operator issues the service starting command which designates the starting objective server in which the guest OS 40 is newly started up to execute the service program, and the service program to be executed.
[0029] In step 1 (to be abbreviated as Si in FIGL 10, and the same rule will be applied to subsequent steps), the guest OS 40 is started up in the designated starting objective server, to thereby make the service program to be executable. At this time, a new customer IP address is allocated to the started guest OS 40.
Incidentally, such customer IP address allocation is performed so that the new customer IP address does not overlap with the customer IP addresses which are already used.
[0030] In step 2, referring to the connecting course table IOF, all of the service program types necessary for establishing the VPN connection to the service program type of the service program designated by the service starting command, are acquired.
[0031] In step 3, referring to the service administration table I 0G the server 20 executing the service program of service program type acquired in step 2, is determined as the connection target server.
In step 4, referring to the service administration table ioa the customer IP address of the guest 05 40 in the connection target server is acquired.
[0032] In step 5, a tunnel to be used for the VPN connection between the starting objective server and the connection target server is determined. Incidentally, such tunnel determination is performed so that the determined tunnel does not overlap with the tunnels in each server which are already used.
[0033] In step 6, referring to the physical IP address table IOH, the physical IP address of the connection target server is acquired.
In step 7, in order to establish the VPN connection from the starting objective server to the connection target server, in the tunneling section 30B of the starting objective server, a new tunnel is set in accordance with the tunnel information acquired in step 5. Further, the tunnel information of the new tunnel -12 -and the physical IP address of the connection target server are set, as the connection information, to the tunneling setting table in the tunneling section 30B of the starting objective server.
[0034] In step 8, the customer IP address of the connection target server and the tunnel information thereof are set, as the connection information, to the routing setting table in the routing section 30A of the starting objective server.
In step 9, in order to establish the VPN connection from the connection target server to the starting objective server, in the tunneling section 30B of the connection target server, a new tunnel is set. Further, the tunnel information of the new tunnel and the physical IP address of the starting objective server are set, as the connection information, to the tunneling setting table in the tunneling section 30B of the connection target server.
[0035] In step 10, the customer IP address of the starting objective server and the tunnel information thereof are set, as the connection information, to the routing setting table in the routing section 30A of the connection target server.
In step 11, the customer IP address, service program type and server name of the starting objective server are registered in the service administration table lOG of the administrative manager 10, and also, the tunnel information between the starting objective server and the connection target server is registered in the interface administration table 101.
[0036] Incidentally, when a plurality of connection target servers is determined, the above steps 4 to 11 are executed for the plurality of connection target servers.
Here, there will be described the network setting process executed by the administrative manager 10 by indicating a specific example. Herein, an example of server configuration as illustrated in FIG. 11 is used. In this example, the server a executes the service program of service program type A, and the server y executes the service program of service program type B. Then, it is assumed that a processing amount by the service program of service program type A is increased, so that a burden is imparted on the server a, and therefore, the service starting command is issued for newly starting up the guest OS 40 in the server 13 to execute -13 -the service program of service program type A. Incidentally, in FIG. 11, the illustration of physical network connection between the administrative manger 10 and each server, and the illustration of a part of the configuration of each server, are omitted for convenience. Further, an arrow in a solid line between servers indicates that the VPN connection is established.
[0037] Further, in this example, the connecting course table 1OF, service administration table lOG physical IP address table 1OH and interface administration table 101 of the administrative manager 10 are set as illustrated in FIG. 12A, FIG. 12B, FIG. 12C and FIG. 12D, respectively.
[0038] Furthermore, in this example, the settings as illustrated in FIG. 1 3A and FIG. 13B are made on the routing setting table of the routing section 30A and the tunneling setting table of the tunneling section 30B in the server a, respectively.
Still further, the settings as illustrated in FIG. 14A and FIG. 14B are made on the routing setting table of the routing section 30A and the tunneling setting table of the tunneling section 308 in the server y, respectively.
[0039] Then, when the service starting command is received in the service starting command receiving section IOA, the guest OS starting section lOB starts up the guest OS 40 in the server 3, and also, makes the service program of service program type A to be executable. At this time, the guest OS starting section 108 allocates the new customer IP address (192.167.0.3) to the started guest OS 40 (step 1). Here, the connection target determining section 1 OC refers to the connecting course table 1 OF, to acquire all of the service program types necessary for establishing the VPN connection to the service program type A commanded to be started up, namely, the service program type B (step 2). Further, the connection target determining section 1OC refers to the service administration table lOG, to acquire the server in which the guest OS 40 executing the service program of service program type B is operated, namely, the server y as the connection target server (step 3). Furthermore, the connection information acquiring section 1OD acquires the customer lP address (192.167.0.2) of the operated guest OS 40 (step 4).
[0040] Further, the connection information acquiring section IOD determines the tunnels to be used for the VPN connection between the server 3 and the server y.
-14 -Herein, the tunnel to be used for the VPN connection from the server t3 to the server y is set to "tunO", whereas the tunnel to be used for the VPN connection from the server y to the server 1 is set to "tunl" (step 5). Furthermore, the connection information acquiring section IOD refers to the physical IP address table IOH, to acquire the physical IP address (10.0.0.3) of the server y (step 6).
[0041] Then, in order to establish the VPN connection from the server to the server y, the network setting section 1 OE sets the new tunnel (tunO) to the tunneling section 30B of the server, as illustrated in FIG. 15. Further, the network setting section 1 OE sets the tunnel information (tunO) and the physical lP address (10.0.0.3) of the server y to the tunneling setting table in the tunneling section 30B of the server , as illustrated in FIG. 16A (step 7). Still further, the network setting section IOE sets the customer IP address of the server -y and the tunnel information thereof to the routing setting table in the routing section 30A of the server (step 8).
[0042] On the other hand, in order to establish the VPN connection from the server y to the server, the network setting section 1OE sets the new tunnel (turil) in the tunneling section 30B of the server y, as illustrated in FIG 15. Further, the network setting section 1 OE sets the tunnel information of the new tunnel and the physical lP address of the server 3 to the tunneling setting table in the tunneling section 30B of the server y, as illustrated in Fig. 1 7A (step 9). Furthermore, the network setting section IOE sets the customer IP address of the server and the tunneling information thereof to the routing setting table in the routing section 30A of the server y, as illustrated in FIG 178 (step 10).
[0043] Then, the network setting section 1 OE registers the server f3 as the server executing the service program of service program type A, and also, registers the customer IP address (192.167.0.3), in the service administration table lOG of the administrative manager 10, as illustrated in FIG. 18A. Further, the network setting section IOE registers the tunnel information (tunO) from the server f3 to the server y and the tunnel information (tuni) from the server y to the server 3, in the interface administration table lOt, as illustrated in FIG. 18B (step 11).
[0044] According to the network setting process described above, it is set whether or not the connection among the service program types in the connecting course table IOF is available, and also, the servers in which the service programs of respective service program types are executed are set, in the service administration table lOG. Therefore, by referring to these tables, when the guest OS is newly started up, the connection target server can be automatically determined according to the service program to be executed in the newly started guest OS. Further, the customer lP addresses of respective servers are set in the service administration table lOG, and the physical IP addresses of respective servers are set in the physical (P address table. Therefore, by referring to these tables, it is possible to acquire the connection information enabling the VPN connection between the starting objective server and the connection target server, to thereby automatically perform the network setting to each host OS. Accordingly, even when the guest OS is newly started up, the work of specifying the connection target server is omitted, and also, the work of routing setting in each server and the work of tunneling setting for the VPN connection are omitted. Then, a burden in the network setting work is considerably decreased, and also, mistakes during the setting work can be prevented.
[0045] Further, as described in the above, it is possible to set whether or not the connection among the service programs of same type to the connecting course table IOF is available. Therefore, as in the above embodiment, in the case where the service program in service program type same as that of the service program already executed is further executed for the transverse development of the function of the specific service program, the present system can be applied. On the other hand, it is also possible to set whether or not the connection among the service programs of different types to the connecting course table IOF is available.
Therefore, also in the case of performing the vertical development for newly executing the service program in service program type which has not been executed, if the new service program type is previously registered in the connecting course table 1OF, the present system can be appUed. Thus, according to the present system, in system expansion in every embodiment, it is possible to automate the network setting work.
[0046] All examples and conditional language recited herein are intended for pedagogical purposes to aid the reader in understanding the invention and the concepts contributed by the inventor for furthering the art, and are to be construed as being without limitation to such specifically recited examples and conditions, nor does the organization of such examples in the specification relate to a showing of the superiority and inferiority of the invention.

Claims (7)

  1. CLAIMS1. A computer-readable recording medium storing a network setting program causing a computer, which is connected to a plurality of servers each including a virtual machine environment in which a host operating system that directly performs communications with another server using a virtual network,and a guest operating system that is started up to execute a service program for processing a customer's service and performs communications with said another server only via the host operating system, are operable as virtual operating systems, to execute a process comprising: referring to a table in which whether or not transmission and reception of data among service programs is available is set and a table in which the servers executing the service programs are set when the guest operating system is started up in a server in accordance with an operator instruction, thereby to determine a connection target server which establishes the virtual network connection to the server in which the guest operating system is started up, according to the service program to be executed by the started guest operating system; acquiring connection information necessary for establishing the virtual network connection between the server in which the guest operating system is started up and the determined connection target server; and setting the acquired connection information to the host operating system that operates in the server in which the guest operating system is started up and to the host operating system that operates in the connection target server.
  2. 2. A computer-readable recording medium according to claim 1, wherein a virtual IP address is allocated to the guest operating system in each of the p!ura!ity of servers, and based on network setting associated with a physical IP address of a separate server being a connection target, the virtual (P address of the guest operating system of the separate server and tunnel information to be used for the virtual network connection to the separate server, the host operating system in each server specifies the physical IP address of the separate server being a transmission target from the virtual IP address of the guest operating system of the separate server, which is attached to data transmitted from the guest operating system in the own server to the separate server, and thereafter performs a tunneling on the data in accordance with the tunnel information to transmit the data, and wherein the process of acquiring the connection information comprises, referring to a table indicating a relation between each server and the corresponding physical IP address thereof and a table indicating a relation between each server and the corresponding virtual IP address of the guest operating system that operates therein, so as to acquire the physical IP address of the connection target server and the virtual IP address of the guest operating system in the connection target server, and determining a tunnel to be used for virtual network connection between the server in which the guest operating system is newly started up and the connection target server, so as to acquire the tunnel information of the determined tunnel.
  3. 3. A computer-readable recording medium storing a network setting program causing the computer to execute a process according to claim 1 or 2, wherein whether or not transmission and reception of data among the service programs of same service program types and among the service programs of different service program types is available is set to the table in which whether or not transmission and reception of data among the service programs is available is set, according to service program types based on service program functions.
  4. 4. A computer-readable recording medium storing a network setting program causing the computer to execute a process according to any preceding cia im, Wherein, when the connection target server system is a plurality of connection target servers, and the process of acquiring the connection information and setting the connection information is performed on all of the plurality of connection target servers.
  5. 5. A network setting method executed in a computer, which is connected to a plurality of servers each including a virtual machine environment in which a host operating system that directly performs communications with another server using a virtual network,and a guest operating system that is started up to execute a service program for processing a customer's service and performs communications with said another server only via the host operating system, are operable as virtual operating systems, the method comprising: referring to a table in which whether or not transmission and reception of data among service programs is available is set and a table in which the servers executing the service programs are set when the guest operating system is started up in a server in accordance with an operator instruction, thereby to determine a connection target server which establishes the virtual network connection to the server in which the guest operating system is started up, according to the service program to be executed by the started guest operating system; acquiring connection information necessary for establishing the virtual network connection between the server in which the guest operating system is started up and the connection target server; and setting the acquired connection information to the host operating system that operates in the server in which the guest operating system is started up and to the host operating system that operates in the connection target server.
  6. 6. A network setting apparatus connected to a plurality of servers each including a virtual machine environment in which a host operating system that directly performs communications with another server using a virtual network, and a guest operating system that is started up to execute a service program for processing a customer's service and performs communications with said another server only via the host operating system, are operable as virtual operating systems, the apparatus comprising: connection target determining unit for referring to a table in which whether or not transmission and reception of data among service programs is available is set and a table in which the servers executing the service programs are set when the guest operating system is started up in a server in accordance with an operator instruction, thereby to determine the connection target server which establishes the virtual network connection to the server in which the guest operating system is started up, according to the service program to be executed by the started guest operating system; connection information acquiring unit for acquiring connection information necessary for estabflshing the virtual network connection between the server in which the guest operating system is started up and the connection target server; and a setting unit for setting the acquired connection information to the host operating system that operates in the server in which the guest operating system is started up and to the host operating system that operates in the connection target server.
  7. 7. A network setting system substantially as described herein with reference to the attached drawings.
GB0909312A 2008-08-01 2009-05-29 A distributed server system includes a table indicating communication relationships between various service programs Withdrawn GB2462160A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2008199818A JP2010039626A (en) 2008-08-01 2008-08-01 Network setting program, network setting method, and network setting device

Publications (2)

Publication Number Publication Date
GB0909312D0 GB0909312D0 (en) 2009-07-15
GB2462160A true GB2462160A (en) 2010-02-03

Family

ID=40902335

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0909312A Withdrawn GB2462160A (en) 2008-08-01 2009-05-29 A distributed server system includes a table indicating communication relationships between various service programs

Country Status (3)

Country Link
US (1) US20100030898A1 (en)
JP (1) JP2010039626A (en)
GB (1) GB2462160A (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5458998B2 (en) * 2010-03-19 2014-04-02 富士通株式会社 Virtual machine system and virtual machine management method
US8739177B2 (en) 2010-06-21 2014-05-27 Intel Corporation Method for network interface sharing among multiple virtual machines
JP5548095B2 (en) * 2010-10-26 2014-07-16 日本電信電話株式会社 Virtual control program, information processing apparatus, and virtual control method
JP5564453B2 (en) * 2011-02-25 2014-07-30 株式会社エヌ・ティ・ティ・データ Information processing system and information processing method
WO2012127627A1 (en) * 2011-03-22 2012-09-27 富士通株式会社 Information device, screen switching method, and screen switching program
JP5681279B2 (en) * 2011-08-01 2015-03-04 日本電気株式会社 Test apparatus, system, program, and method
JP5903822B2 (en) 2011-09-30 2016-04-13 富士通株式会社 Setting control apparatus, setting control method, and setting control program
TWI459531B (en) * 2012-04-18 2014-11-01 Jeng Jye Shau High area efficiency electronic component and manufacturing method thereof
US9930066B2 (en) * 2013-02-12 2018-03-27 Nicira, Inc. Infrastructure level LAN security
US10445509B2 (en) 2014-06-30 2019-10-15 Nicira, Inc. Encryption architecture
US10713195B2 (en) * 2016-01-15 2020-07-14 Intel Corporation Interrupts between virtual machines
US10339205B2 (en) 2016-02-22 2019-07-02 International Business Machines Corporation Efficient handling of bi-directional data

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2028592A1 (en) * 2007-08-20 2009-02-25 Hitachi, Ltd. Storage and server provisioning for virtualized and geographically dispersed data centers

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100846530B1 (en) * 2000-07-05 2008-07-15 언스트 앤 영 엘엘피 Method and apparatus for providing computer services
US8209680B1 (en) * 2003-04-11 2012-06-26 Vmware, Inc. System and method for disk imaging on diverse computers
US7809976B2 (en) * 2007-04-30 2010-10-05 Netapp, Inc. System and method for failover of guest operating systems in a virtual machine environment
JP4871850B2 (en) * 2007-12-04 2012-02-08 株式会社日立製作所 Virtual computer system and virtual computer migration control method
US8327355B2 (en) * 2008-07-15 2012-12-04 International Business Machines Corporation Method, computer program product, and hardware product for supporting virtual machine guest migration overcommit
JP2010039730A (en) * 2008-08-05 2010-02-18 Fujitsu Ltd Network setting program, network setting method, and network setting device
US8805973B2 (en) * 2008-12-09 2014-08-12 Go Daddy Operating Company, LLC Using routing protocols to migrate a hosted account

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2028592A1 (en) * 2007-08-20 2009-02-25 Hitachi, Ltd. Storage and server provisioning for virtualized and geographically dispersed data centers

Also Published As

Publication number Publication date
JP2010039626A (en) 2010-02-18
US20100030898A1 (en) 2010-02-04
GB0909312D0 (en) 2009-07-15

Similar Documents

Publication Publication Date Title
GB2462160A (en) A distributed server system includes a table indicating communication relationships between various service programs
US20100036913A1 (en) Network setting method and network setting apparatus
US20100057898A1 (en) Load balancer setting method and load balancer setting apparatus
EP3471375B1 (en) Method and apparatus for managing field device based on cloud server
US9485323B1 (en) Managing pooled client-premise resources via provider-defined interfaces
US9686121B2 (en) Client-premise resource control via provider-defined interfaces
US20100058051A1 (en) Method and apparatus for setting a secure communication path between virtual machines
US11218370B2 (en) Method for applying a patch to a virtualized network function to be updated
US12192279B2 (en) System and method for non-disruptive migration of software components to a public cloud system
EP3367612A1 (en) Dial testing method, dial testing system, and compute node
WO2019178756A1 (en) Sd-wan system, use method of sd-wan system, and related apparatus
WO2018053686A1 (en) Method and device for deploying security policy
EP2911059A1 (en) Operation verification device for virtual apparatus, and operation verification system and program for virtual apparatus
US10374876B2 (en) Configuration of server apparatus
CN105119772B (en) A C/S Architecture IPMI Functional Test Method
US11604670B2 (en) Virtual machine live migration method, apparatus, and system
CN112667293B (en) Method, device and storage medium for deploying operating system
CN118250153B (en) Service disaster recovery network configuration method, device, equipment and storage medium
CN114026826A (en) Provider network connection management for provider network underlay extensions
CN116708554A (en) A network agent method and system capable of switching egress IP
Cisco Configuring Cisco Mainframe Channel Connection Adapters
KR20170052262A (en) Dynamic commands processing apparatus and method thereof
KR20210083561A (en) Method and apparatus for automating operation of virtual network
CN113037849A (en) Bare computer information acquisition method, system and storage medium
WO2015067052A1 (en) Method, device, and system for transmitting test command

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)